UINT8 EncAlgoId;\r
} EFI_IPSEC_PROCESS_POLICY;\r
\r
-///\r
-/// IPsec Authentication Algorithm Definition\r
-/// The number value definition is aligned to IANA assignment\r
-///\r
-#define EFI_IPSEC_AALG_NONE 0x00\r
-#define EFI_IPSEC_AALG_MD5HMAC 0x02\r
-#define EFI_IPSEC_AALG_SHA1HMAC 0x03\r
-#define EFI_IPSEC_AALG_SHA2_256HMAC 0x05\r
-#define EFI_IPSEC_AALG_SHA2_384HMAC 0x06\r
-#define EFI_IPSEC_AALG_SHA2_512HMAC 0x07\r
-#define EFI_IPSEC_AALG_AES_XCBC_MAC 0x09\r
-#define EFI_IPSEC_AALG_NULL 0xFB\r
-\r
-///\r
-/// IPsec Encryption Algorithm Definition\r
-/// The number value definition is aligned to IANA assignment\r
-///\r
-#define EFI_IPSEC_EALG_NONE 0x00\r
-#define EFI_IPSEC_EALG_DESCBC 0x02\r
-#define EFI_IPSEC_EALG_3DESCBC 0x03\r
-#define EFI_IPSEC_EALG_CASTCBC 0x06\r
-#define EFI_IPSEC_EALG_BLOWFISHCBC 0x07\r
-#define EFI_IPSEC_EALG_NULL 0x0B\r
-#define EFI_IPSEC_EALG_AESCBC 0x0C\r
-#define EFI_IPSEC_EALG_AESCTR 0x0D\r
-#define EFI_IPSEC_EALG_AES_CCM_ICV8 0x0E\r
-#define EFI_IPSEC_EALG_AES_CCM_ICV12 0x0F\r
-#define EFI_IPSEC_EALG_AES_CCM_ICV16 0x10\r
-#define EFI_IPSEC_EALG_AES_GCM_ICV8 0x12\r
-#define EFI_IPSEC_EALG_AES_GCM_ICV12 0x13\r
-#define EFI_IPSEC_EALG_AES_GCM_ICV16 0x14\r
-\r
///\r
/// EFI_IPSEC_SA_ID\r
/// A triplet to identify an SA, consisting of the following members.\r
BOOLEAN ManualSet;\r
} EFI_IPSEC_SA_DATA;\r
\r
+///\r
+/// EFI_IPSEC_SA_DATA2\r
+///\r
+typedef struct _EFI_IPSEC_SA_DATA2 { \r
+ ///\r
+ /// IPsec mode: tunnel or transport\r
+ ///\r
+ EFI_IPSEC_MODE Mode; \r
+ ///\r
+ /// Sequence Number Counter. A 64-bit counter used to generate the sequence \r
+ /// number field in AH or ESP headers. \r
+ ///\r
+ UINT64 SNCount; \r
+ ///\r
+ /// Anti-Replay Window. A 64-bit counter and a bit-map used to determine \r
+ /// whether an inbound AH or ESP packet is a replay.\r
+ ///\r
+ UINT8 AntiReplayWindows; \r
+ ///\r
+ /// AH/ESP cryptographic algorithm, key and parameters.\r
+ ///\r
+ EFI_IPSEC_ALGO_INFO AlgoInfo; \r
+ ///\r
+ /// Lifetime of this SA.\r
+ ///\r
+ EFI_IPSEC_SA_LIFETIME SaLifetime; \r
+ ///\r
+ /// Any observed path MTU and aging variables. The Path MTU processing is \r
+ /// defined in section 8 of RFC 4301.\r
+ ///\r
+ UINT32 PathMTU; \r
+ ///\r
+ /// Link to one SPD entry\r
+ ///\r
+ EFI_IPSEC_SPD_SELECTOR *SpdSelector; \r
+ ///\r
+ /// Indication of whether it's manually set or negotiated automatically. \r
+ /// If ManualSet is FALSE, the corresponding SA entry is inserted through IKE \r
+ /// protocol negotiation\r
+ ///\r
+ BOOLEAN ManualSet;\r
+ ///\r
+ /// The tunnel header IP source address.\r
+ ///\r
+ EFI_IP_ADDRESS TunnelSourceAddress;\r
+ ///\r
+ /// The tunnel header IP destination address.\r
+ ///\r
+ EFI_IP_ADDRESS TunnelDestinationAddress;\r
+} EFI_IPSEC_SA_DATA2; \r
+\r
+\r
///\r
/// EFI_IPSEC_PAD_ID\r
/// specifies the identifier for PAD entry, which is also used for SPD lookup.\r
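Review bot: The comment on `AntiReplayWindows` in the new `EFI_IPSEC_SA_DATA2` describes "a 64-bit counter and a bit-map", but the field is declared `UINT8` and can hold neither, so someone implementing replay checks from this header may assume the replay state lives in this member. If the member layout is fixed by the specification, as seems likely, I would reword the comment rather than change the type, for example `/// Anti-replay window setting for inbound AH/ESP replay checks; the counter and bitmap are kept by the implementation.`, with the exact unit confirmed against the spec. The comments on `TunnelSourceAddress` and `TunnelDestinationAddress` should also say whether the fields are ignored when `Mode` is transport. The `AlgoInfo` comment could note that the member carries key material, so copies of this structure need the same handling as the keys themselves. How these fields are consumed is not visible in this hunk.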